Blockchain Vulnerability ‘HamsterWheel’ Discovered and Patched, Sui Network Awards $500,000 Bounty
CertiK, a leading blockchain security firm, has been rewarded with a $500,000 bounty by the Sui network for identifying and addressing a critical threat that had the potential to disrupt the entire layer-1 blockchain infrastructure of Sui.
In a press release shared with Cointelegraph, CertiK emphasized that the “HamsterWheel” vulnerability, as it was named, differed from traditional attacks that aim to bring down blockchains by crashing nodes.
This attack method trapped nodes in a perpetual loop, so that they kept performing operations without processing new transactions, much like hamsters running endlessly on a wheel. The implications of this attack were severe, with the potential to cripple networks and render them inoperable.
Upon discovering the vulnerability prior to Sui’s mainnet launch, CertiK promptly reported its findings to the Sui network. In response, Sui swiftly implemented necessary fixes to safeguard its blockchain against the potential damage such an attack could cause.
The $500,000 bounty awarded to CertiK by Sui serves as recognition for the security firm’s diligent efforts. CertiK emphasizes that this highlights the importance of bug bounty programs and proactive security measures.
Kang Li, the Chief Security Officer at CertiK, noted that threats to blockchain networks constantly evolve, stating, “The discovery of the HamsterWheel attack demonstrates the increasing sophistication of threats targeting blockchain networks.”
More technical details regarding the vulnerability will be released soon, with comprehensive reports following the deployment and thorough testing of all mitigation measures.
In a separate development within the decentralized finance (DeFi) sector, a cryptocurrency trading bot recently secured a $200 million loan to yield a mere $3 profit. On June 14, an arbitrage bot executed a series of complex transactions, including borrowing 200 million DAI from MakerDAO, resulting in a total gain of $3.24. While one community member praised the bot’s ability to generate profit regardless of the amount, another interpreted this as a reflection of the challenging conditions within the current crypto bear market.